Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-2282: Polish CSRF doc

This commit is contained in:
Rob Winch 2013-08-27 17:16:32 -05:00
parent aca2e4ff3a
commit 9483226d02
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/manual/src/docbook/csrf.xml
View File

@ -31,7 +31,7 @@ amount=100.00&routingNumber=1234&account=9876
name="account" name="account"
value="evilsAccountNumber"/> value="evilsAccountNumber"/>
<input type="submit" <input type="submit"
value="Win Money!'/> value="Win Money!"/>
</form>]]></programlisting> </form>]]></programlisting>
<para>You like to win money, so you click on the submit button. In the process, you have unintentionally transferred $100 to <para>You like to win money, so you click on the submit button. In the process, you have unintentionally transferred $100 to
a malicious user. This happens because, while the evil website cannot see your cookies, the cookies associated with your a malicious user. This happens because, while the evil website cannot see your cookies, the cookies associated with your